It did happen, whether your specific email is legit or not depends on who sent it.

I dont think BMG send emails and asking for your password, dont klick the link, change password over the Site, ToS got hacked and hackers have users email adresses so be aware.

Ok, thanks.

i have always signed in using Steam ID will they have gained access to my Steam log in info or data do you think?

Originally posted by LostScotsman:

i have always signed in using Steam ID will they have gained access to my Steam log in info or data do you think?

My question aswell.
OH AND ALSO HOW DO I SIGN IN THRU STEAM ON MOBILE?

Originally posted by LostScotsman:

i have always signed in using Steam ID will they have gained access to my Steam log in info or data do you think?

No dont worry, If you sign in though steam the account information doesn´t get shared with the site. So they don´t have your steam data, just some random data BMG created for your account.
(They may have your steamname but not password)

If it was sent from info@blankmediagames.com, then it's safe, the link just directs you to a page where you can reset your password, also on their site.

Originally posted by Vepar:

If it was sent from info@blankmediagames.com, then it's safe, the link just directs you to a page where you can reset your password, also on their site.

Hackers can fake the sender, but If the link really connects to ToS then you´re safe I guess.

I went ahead and changed my password anyway but now it keeps coming up error thing in steam. Let me sign in here fine. Is steam down?

HOW DO I LOG IN THRU STEAM ON MOBILE ?

Originally posted by lilmamapanda:

I went ahead and changed my password anyway but now it keeps coming up error thing in steam. Let me sign in here fine. Is steam down?

No If steam would be down, you wouldn´t able to write here :D.

Originally posted by Der Chemie Lehrer:

Originally posted by Vepar:

If it was sent from info@blankmediagames.com, then it's safe, the link just directs you to a page where you can reset your password, also on their site.

Hackers can fake the sender, but If the link really connects to ToS then you´re safe I guess.

Well i clicked the link and it sent me to reset my password, so if they didn't fake the entire website, i guess it's fine.

Originally posted by Vepar:

Originally posted by Der Chemie Lehrer:

Hackers can fake the sender, but If the link really connects to ToS then you´re safe I guess.

Well i clicked the link and it sent me to reset my password, so if they didn't fake the entire website, i guess it's fine.

Agree

I thought that paswords were hashed? So they shouldn't even have the passwords? In most websites, on login, they take the username, take your password, apply some math fucntion to the password, and then create a hash, often 32 bits but it can be any size depending on whatever math is used. The hash is compared to the hash stored on their side (created by the same password and function). So shouldn't the hackers just have a bunch of files of hashes and not passwords? In theorey since no passwords are stored (using this conventional system), even if you were silly enough to keep using the same password for your email, your steam, and your skype account they all used different hash functions and so look different on their computers.

I still changed stuff just in case. But unless they stored the passwords directly (which is an oudated practice) this should not affect you. And steam and ToS accounts are seperate anyways.

Also, changing things seem to confuse steam. I don't really know how it works, but I guess your Steam account rememebers certain stuff about your ToS one but needs a reset. Restarting the computer after changing passwords seems necssary.

Originally posted by tiberiansun371alexw:

I thought that paswords were hashed? So they shouldn't even have the passwords? In most websites, on login, they take the username, take your password, apply some math fucntion to the password, and then create a hash, often 32 bits but it can be any size depending on whatever math is used. The hash is compared to the hash stored on their side (created by the same password and function). So shouldn't the hackers just have a bunch of files of hashes and not passwords? In theorey since no passwords are stored (using this conventional system), even if you were silly enough to keep using the same password for your email, your steam, and your skype account they all used different hash functions and so look different on their computers.

I still changed stuff just in case. But unless they stored the passwords directly (which is an oudated practice) this should not affect you. And steam and ToS accounts are seperate anyways.

Also, changing things seem to confuse steam. I don't really know how it works, but I guess your Steam account rememebers certain stuff about your ToS one but needs a reset. Restarting the computer after changing passwords seems necssary.

The passwords are encrypted(as much as I red in the news). But it´s still a risk, even though cracking all these passwords would be a full time job for a long time :D